[torqueusers] Why does torque require pbs_mom/pbs_server be run as root?

Jeff Anderson-Lee jonah at eecs.berkeley.edu
Fri Jul 16 15:43:32 MDT 2010


On 7/16/2010 1:44 PM, Garrick Staples wrote:
> On Fri, Jul 16, 2010 at 03:26:59PM -0500, skip at pobox.com alleged:
>    
>>      Craig>  How about this: No process should be run as root unless it needs
>>      Craig>  to.  There is no reason that Torque should have to be root if it
>>      Craig>  is only being used by a single user.
>>
>> I agree with Craig.  I don't know the rationale behind using a low-numbered
>> port for communication between pbs_server and pbs_mom processes, but if you
>>      
> The point of using priv ports is so that the other side knows it is talking to
> a priv binary. It needs to know that it isn't just some trojan binary run by a
> regular user.
>
> Can you imagine running ssh on 2222? When I ssh to my friend's box, I know it
> is a root-owned process and not something started by another user ready to
> steal my password.
>    
When you ssh to a friend's box you are trusting root on that box, which 
is only *marginally* more secure than joeuser; if it's your friends box, 
then your friend has probably got root access in any case and there may 
not *be* any other users. Or, unless you have pre-exchanged root keys, 
you are opening yourself to a man-in-the-middle password attack on your 
first connection.  Given open-source operating systems root and 
low-number IP ports are not what they used to be by way of security.

Better to send him a copy of your public key for authorized_keys than to 
type in your password in any case.

Jeff



More information about the torqueusers mailing list